winapi - Hooking NtQueryDirectoryFile can't hide files -


I want to hide files from within a program, so I decided to hook NtQueryDirectoryFile. The files are not hidden; the code does not work. I am not using a driver; this is user mode only. Can you help me, please?

the code snippet:

// NOTE(review): this listing reached the page lower-cased (`null`, `nt_success`,
// `l"..."`) and collapsed onto a few lines, and the `do` keyword that the
// `{ ... } while (...)` blocks imply appears to have been dropped by extraction.
// It is not compilable as shown; read it as the shape of the technique only.

// Function-pointer type with the same parameter list as the hook routine below.
typedef ntstatus (winapi * ntquerydirectoryfile) (in handle filehandle,in handle event optional,in pio_apc_routine apcroutine optional,in pvoid apccontext optional,out pio_status_block iostatusblock,out pvoid fileinformation,in ulong fileinformationlength,in myfile_information_class fileinformationclass,in boolean returnsingleentry,in punicode_string filename optional,in boolean restartscan);

// Pointer to the un-hooked routine. It is never assigned in this snippet; the
// code that installs the hook and fills this in is not shown on the page.
ntquerydirectoryfile originalntquerydirectoryfile;

// Status handed back when a matched entry is the last one and no "last" entry
// is tracked (see the `else status = ...` branches below).
#define status_no_such_file 0xc000000f

// Replacement routine for NtQueryDirectoryFile (an ntdll export).
//
// What it does: forwards every argument unchanged to the original routine,
// and, if that call succeeded, edits the nextentryoffset links inside the
// returned fileinformation buffer so that entries whose name contains one of
// four hard-coded strings are skipped when the caller walks the chain.
// Nothing on disk is touched; only the output buffer and, in one path, the
// returned status are altered.
//
// Scope: per the question text this runs in user mode without a driver, so it
// can only change what code calling through the hooked pointer sees.
//
// Defender note: result filtering of this kind is usually surfaced by a
// cross-view comparison (the listing returned through this API versus one
// obtained through an independent path) and by integrity checks on the
// in-memory ntdll image against the on-disk file. Which integrity check
// applies depends on how the hook is installed, which this page does not show.
ntstatus   hookedntquerydirectoryfile(
        in handle filehandle,
        in handle event optional,
        in pio_apc_routine apcroutine optional,
        in pvoid apccontext optional,
        out pio_status_block iostatusblock,
        out pvoid fileinformation,
        in ulong fileinformationlength,
        in myfile_information_class fileinformationclass,
        in boolean returnsingleentry,
        in punicode_string filename optional,
        in boolean restartscan) {
    // Pass-through call; the real result is produced first and filtered afterwards.
    ntstatus status = originalntquerydirectoryfile(filehandle,event,apcroutine,apccontext,iostatusblock,fileinformation,fileinformationlength,fileinformationclass,returnsingleentry,filename,restartscan);

    // Names to filter. The list is rebuilt on every call, and matching below is
    // by substring (wstring::find), so any entry name that merely contains one
    // of these strings is selected.
    vector<wstring> listdataforhidding;
    listdataforhidding.push_back(l"afile.txt");
    listdataforhidding.push_back(l"bfile.txt");
    listdataforhidding.push_back(l"cfile.txt");
    listdataforhidding.push_back(l"dfile.txt");

    // Failed calls are returned to the caller untouched.
    if (nt_success(status))
    {
        // One cursor / "last" pointer pair per handled information class.
        pmyfile_directory_information filedirectoryinfo, lastfiledirectoryinfo;
        pmyfile_full_dir_information  lastfilefulldirectoryinfo, filefulldirectoryinfo;
        pmyfile_both_dir_information  lastfilebothdirectoryinfo, filebothdirectoryinfo;
        pmyfile_names_information     lastfilenamesinfo, filenamesinfo;

        // Running byte offset of the current entry from the start of fileinformation.
        ulong offset = 0;
        bool bneedhide = false;

        // There is no default case: any information class other than the four
        // below leaves the buffer exactly as the original routine filled it.
        switch (fileinformationclass)
        {
            case filedirectoryinformation :
                filedirectoryinfo = null;
                {
                    //filedirectoryinfo = (pvoid)((ulong)fileinformation + offset);
                    filedirectoryinfo = (pmyfile_directory_information)((ulong)fileinformation + offset);
                    lastfiledirectoryinfo = filedirectoryinfo;

                    wstring wstrcurrfilename = filedirectoryinfo->filename;
                    bneedhide = false;
                    // Substring test against every name in the list; first hit wins.
                    for(size_t index = 0; index < listdataforhidding.size(); index ++)
                    {
                        if(wstrcurrfilename.find(listdataforhidding[index]) != wstring::npos)
                        {
                            bneedhide = true;
                            break;
                        }
                    }

                    //if (filedirectoryinfo->filename[0] == 0x5f00)
                    if(bneedhide == true)
                    {
                        // Matched entry is the final one (nextentryoffset == 0):
                        // end the chain at the tracked "last" entry, or report
                        // status_no_such_file if none is tracked, and return at once.
                        if (!filedirectoryinfo->nextentryoffset)
                        {
                            if (lastfiledirectoryinfo) lastfiledirectoryinfo->nextentryoffset = 0;
                            else status = status_no_such_file;
                            return status;
                        } else
                        // Matched entry is not final: add its offset to the tracked
                        // "last" entry's link so a chain walk jumps past it.
                        if (lastfiledirectoryinfo) lastfiledirectoryinfo->nextentryoffset += filedirectoryinfo->nextentryoffset;
                    }

                    // Advance to the next entry in the buffer.
                    offset += filedirectoryinfo->nextentryoffset;

                } while (filedirectoryinfo->nextentryoffset);

            break;

            // Same link-editing logic as the first case, applied to the full-dir
            // cursor pair. Here the "last" pointer is saved before the cursor is
            // advanced.
            case filefulldirectoryinformation :
                filefulldirectoryinfo = null;
                {
                    lastfilefulldirectoryinfo = filefulldirectoryinfo;
                    //filefulldirectoryinfo = (pvoid)((ulong)fileinformation + offset);
                    filefulldirectoryinfo = (pmyfile_full_dir_information)((ulong)fileinformation + offset);

                    wstring wstrcurrfilename = filedirectoryinfo->filename;
                    bneedhide = false;

                    for(size_t index = 0; index < listdataforhidding.size(); index ++)
                    {
                        if(wstrcurrfilename.find(listdataforhidding[index]) != wstring::npos)
                        {
                            bneedhide = true;
                            break;
                        }
                    }

                    //if (filefulldirectoryinfo->filename[0] == 0x5f00)
                    if(bneedhide == true)
                    {
                        if (!filefulldirectoryinfo->nextentryoffset)
                        {
                            if (lastfilefulldirectoryinfo) lastfilefulldirectoryinfo->nextentryoffset = 0;
                            else status = status_no_such_file;
                            return status;
                        } else
                        if (lastfilefulldirectoryinfo) lastfilefulldirectoryinfo->nextentryoffset += filefulldirectoryinfo->nextentryoffset;
                    }

                    offset += filefulldirectoryinfo->nextentryoffset;

                } while (filefulldirectoryinfo->nextentryoffset);
            break;

            // Both-dir variant of the same logic; a match additionally requires
            // filenamelength > 1 on the current entry.
            case filebothdirectoryinformation :
                filebothdirectoryinfo = null;
                {
                    lastfilebothdirectoryinfo = filebothdirectoryinfo;
                    //filebothdirectoryinfo = (pvoid)((ulong)fileinformation + offset);
                    filebothdirectoryinfo = (pmyfile_both_dir_information)((ulong)fileinformation + offset);

                    wstring wstrcurrfilename = filedirectoryinfo->filename;
                    bneedhide = false;

                    for(size_t index = 0; index < listdataforhidding.size(); index ++)
                    {
                        if(filebothdirectoryinfo->filenamelength > 1 && wstrcurrfilename.find(listdataforhidding[index]) != wstring::npos)
                        {
                            bneedhide = true;
                            break;
                        }
                    }

                    //if (filebothdirectoryinfo->filenamelength > 1 && filebothdirectoryinfo->filename[0] == 0x5f00)
                    if(bneedhide == true)
                    {
                        if (!filebothdirectoryinfo->nextentryoffset)
                        {
                            if (lastfilebothdirectoryinfo) lastfilebothdirectoryinfo->nextentryoffset = 0;
                            else status = status_no_such_file;
                            return status;
                        } else
                        if (lastfilebothdirectoryinfo) lastfilebothdirectoryinfo->nextentryoffset += filebothdirectoryinfo->nextentryoffset;
                    }

                    offset += filebothdirectoryinfo->nextentryoffset;

                } while (filebothdirectoryinfo->nextentryoffset);
            break;

            // Names-only variant of the same logic.
            case filenamesinformation :
                filenamesinfo = null;
                {
                    lastfilenamesinfo = filenamesinfo;
                    //filenamesinfo = (pvoid)((ulong)fileinformation + offset);
                    filenamesinfo = (pmyfile_names_information)((ulong)fileinformation + offset);

                    wstring wstrcurrfilename = filedirectoryinfo->filename;
                    bneedhide = false;

                    for(size_t index = 0; index < listdataforhidding.size(); index ++)
                    {
                        if(wstrcurrfilename.find(listdataforhidding[index]) != wstring::npos)
                        {
                            bneedhide = true;
                            break;
                        }
                    }

                    //if (filenamesinfo->filename[0] == 0x5f00)
                    if(bneedhide == true)
                    {
                        if (!filenamesinfo->nextentryoffset)
                        {
                            if(lastfilenamesinfo) lastfilenamesinfo->nextentryoffset = 0;
                            else status = status_no_such_file;
                            return status;
                        } else
                        if (lastfilenamesinfo) lastfilenamesinfo->nextentryoffset += filenamesinfo->nextentryoffset;
                    }

                    offset += filenamesinfo->nextentryoffset;
                } while (filenamesinfo->nextentryoffset);

            break;
        }
    }

    // Status of the original call, unless a branch above replaced it.
    return status;
}

